package com.example.elmspringboot.security.manager;

import com.example.elmspringboot.security.realm.JwtShiroRealm;
import org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;

import java.util.ArrayList;
import java.util.List;

// 此处添加多个realm验证
public class securityManager {
    private JwtShiroRealm jwtShiroRealm;
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(){
        // 创建defaultWebSecurityManager对象
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        // 创建认证对象，并设置认证策略
        ModularRealmAuthenticator modularRealmAuthenticator = new ModularRealmAuthenticator();
        // 设置通过策略为匹配一个就行
        modularRealmAuthenticator.setAuthenticationStrategy(new AtLeastOneSuccessfulStrategy());
        // 为默认的webSecurityManager添加匹配模式
        defaultWebSecurityManager.setAuthenticator(modularRealmAuthenticator);
        //
        List<Realm> realms = new ArrayList<>();
        //添加多个Realm
        realms.add(jwtShiroRealm);
        // 继续添加realm
//        realms.add(clientShiroRealm);
        // 为默认网络安全管理器设置验证realm
        defaultWebSecurityManager.setRealms(realms);
        // 返回
        return defaultWebSecurityManager;
    }
}
